Figure - available from: The Journal of Supercomputing
This content is subject to copyright. Terms and conditions apply.
Source publication
Privacy preservation in a distributed environment is a challenging task as it requires efficient control strategies for authentication and integrity preservation of various users and applications. In a distributed environment, most of the data items are distributed among various parties which may be located across different geographical locations....
Citations
... The research on PPNB algorithms at an early stage was aimed to create models through training in which the data of all users are used without exposing their data to the other participants. This type of research was started in the early 2000s and has been ongoing until recently [21,22,40,41,44,45,48,50]. The outcome of this approach is the model as a result of training and it is shared with all participants or stored in a central server in a clear-text form. ...
... If such data is used by hackers, it will leak the privacy information of important transport hubs in China. Therefore, it is necessary to build an available high-speed private data stream encryption transmission system for the online education system of transportation engineering [17] and encrypt the high-speed private data stream of the online education system of transportation engineering to ensure data security [18]. ...
With the development of information technology, the high-speed private data stream encryption transmission system is more and more widely used in the field of education. The high-speed private data stream encryption transmission system can realize high-speed and safe data transmission and protect the privacy and security of user data. To protect the security of private data in the online education of specialty “traffic engineering”, an encryption transmission system for high-speed private data stream is designed. After the online education system and core modules of traffic engineering are analyzed, the system framework is designed through the codec module and the high-speed privacy data stream processing control and transmission module. The sliding window segmentation method is used to extract the privacy data in the education system and send it to the coding sub-module. Based on a homomorphic encryption algorithm, a private data stream encryption and decryption model is established. The key encoding is designed by the vector quantization coding method. The private data is authenticated according to the characteristics of the key, and the data encryption transmission is completed through the microcontroller. The experimental results show that the encrypted data of the designed system has only 0.01 Gbit loss, and the encryption time is only 93ms. The data dimension displayed after encryption is relatively scattered, and the distribution probability of encrypted data is between 1500–2000, which can effectively encrypt the private data in the online education system of transportation engineering specialty, and improve the security of high-speed private data flow in the online education system of transportation engineering specialty.
... The early researches of PPML mostly used Yao's garbled circuit protocol [26], which has a large computational and communicating overhead. At present, the privacy protection technologies to achieve PPML have three broad categories, which are based on differential privacy (DP) [27][28][29][30][31], secure multi-party computation (SMPC) [32][33][34][35][36][37][38], and homomorphic encryption (HE) [39][40][41][42][43][44]. Adding noise to the sensitive data is a key method of differential privacy to achieve privacy protection. ...
Machine learning has been widely used for intelligent forwarding strategy in Vehicular Ad-Hoc Networks (VANET). However, machine learning has serious security and privacy issues. BRFD is a smart Receiver Forwarding Decision solution based on Bayesian theory for Named Data Vehicular Ad-Hoc Networks (NDN-VANET). In BRFD, every vehicle that received an interest packet is required to make a forwarding decision according to the collected network status information. And then decides whether it will forward the received interest packet or not. Therefore, the privacy information of a vehicle can be revealed to other vehicles during information exchange of the network status. In this paper, a Privacy-Aware intelligent forwarding solution PABRFD is proposed by integrating Homomorphic Encryption (HE) into the improved BRFD. In PABRFD, a secure Bayesian classifier is used to resolve the security and privacy issues of information exchanged among vehicle nodes. We informally prove that this new scheme can satisfy security requirements and we implement our solution based on HE standard libraries CKKS and BFV. The experimental results show that PABRFD can satisfy our expected performance requirements.
... The research of privacy-preserving outsourced data focuses on anonymization-based methods [12][13][14][15][16][17][18], cryptographicbased methods [19][20][21][22][23][24], hybrid methods [2,[25][26][27], and methods that seek to improve the data utility [26,28,29]. Some recent studies have demonstrated the privacy requirements of incremental datasets [30][31][32] and multiple sensitive attributes [33][34][35]. ...
Cloud computing plays an essential role as a source for outsourcing data to perform mining operations or other data processing, especially for data owners who do not have sufficient resources or experience to execute data mining techniques. However, the privacy of outsourced data is a serious concern. Most data owners are using anonymization-based techniques to prevent identity and attribute disclosures to avoid privacy leakage before outsourced data for mining over the cloud. In addition, data collection and dissemination in a resource-limited network such as sensor cloud require efficient methods to reduce privacy leakage. The main issue that caused identity disclosure is quasi-identifier (QID) linking. But most researchers of anonymization methods ignore the identification of proper QIDs. This reduces the validity of the used anonymization methods and may thus lead to a failure of the anonymity process. This paper introduces a new quasi-identifier recognition algorithm that reduces identity disclosure which resulted from QID linking. The proposed algorithm is comprised of two main stages: (1) attribute classification (or QID recognition) and (2) QID dimension identification. The algorithm works based on the reidentification of risk rate for all attributes and the dimension of QIDs where it determines the proper QIDs and their suitable dimensions. The proposed algorithm was tested on a real dataset. The results demonstrated that the proposed algorithm significantly reduces privacy leakage and maintains the data utility compared to recent related algorithms.
... The Signature-based IDS uses pattern matching with predefined signatures taken from the already detected malware's stored in a database. Thus, creating a low number of false positive alarms but at the same time, it lets new attacks to pass-through unnoticed [10,11,12]." Therefore, a system needs to be developed that can increase detection rate for new (a.k.a.zero-day malware's) attacks and reduce false alarms rate in previously defined signatures. ...
Smart grid systems enhanced the capability of traditional power networks while being vulnerable to different types of cyber‐attacks. These vulnerabilities could cause attackers to crash into the network breaching the integrity and confidentiality of the smart grid systems. Therefore, an intrusion detection system (IDS) becomes an important way to provide a secure and reliable services in a smart grid environment. This article proposes a feature‐based IDS for smart grid systems. The proposed system performance is evaluated in terms of accuracy, intrusion detection rate (DR), and false alarm rate (FAR). The obtained results show that the random forest and neural network classifiers have outperformed other classifiers. We have achieved a 0.5% FAR on KDD99 dataset and a 0.08% FAR on the NSLKDD dataset. The DR and the testing accuracy on average are 99% for both datasets. This article proposes a feature‐based IDS for smart grid systems. The proposed system performance is evaluated in terms of accuracy, intrusion detection rate (DR), and false alarm rate (FAR). The obtained results show that the random forest and neural network classifiers have outperformed other classifiers. We have achieved a 0.5% FAR on KDD99 dataset and a 0.08% FAR on the NSLKDD dataset. The DR and the testing accuracy on average are 99% for both datasets.
... Therefore, cross-platform authentication in cloud computing has not been considered before, and this gives rise to the problem of trustiness between cross-platforms in fog computing. Cross-platforms are places where multiple fog nodes authenticate mutually and exchange data [13][14][15][16][17]. Hence, developing lightweight cryptographic protocols to protect Industrial IoT devices against vulnerable attacks and satisfying device constraints are needed. ...
The development of the industrial Internet of Things (IIoT) promotes the integration of the cross-platform systems in fog computing, which enable users to obtain access to multiple application located in different geographical locations. Fog users at the network’s edge communicate with many fog servers in different fogs and newly joined servers that they had never contacted before. This communication complexity brings enormous security challenges and potential vulnerability to malicious threats. The attacker may replace the edge device with a fake one and authenticate it as a legitimate device. Therefore, to prevent unauthorized users from accessing fog servers, we propose a new secure and lightweight multi-factor authentication scheme for cross-platform IoT systems (SELAMAT). The proposed scheme extends the Kerberos workflow and utilizes the AES-ECC algorithm for efficient encryption keys management and secure communication between the edge nodes and fog node servers to establish secure mutual authentication. The scheme was tested for its security analysis using the formal security verification under the widely accepted AVISPA tool. We proved our scheme using Burrows Abdi Needham’s logic (BAN logic) to prove secure mutual authentication. The results show that the SELAMAT scheme provides better security, functionality, communication, and computation cost than the existing schemes.
... In the practical IoT environment, the data collected by each gateway is not shared with only one application, but multiple applications [14]. However, encrypting with each application's public key increases the computational and communication overhead. ...
With the evolvement of the Internet of things (IoT), privacy and security have become the primary indicators for users to deploy IoT applications. In the gateway-based IoT architecture, gateways aggregate data collected by perception-layer devices and upload message packets to platforms, while platforms automatically push different categories of data to different applications. However, security in processes of data transmission via gateways, storage in platforms, access by applications is the major challenge for user privacy protection. To tackle this challenge, this article presents a secure IoT scheme based on a fine-grained multi-receive signcryption scheme to realize end-to-end secure transmission and data access control. To enhance the security of online application decryption keys, we design a distributed threshold decryption scheme based on secret-sharing. Moreover, from the provable security perspective, we demonstrate that the scheme can achieve the expected IND-CCA security and EUF-CMA security. After the performance analysis, evaluation results show that the computational performance is efficient and linearly subject to the number of messages and the number of receivers.
... In documents [8][9][10][11], clustering, the probability distribution, the similarity and other calculations were used to obtain the nearest neighbor set, which was used to fill in the missing data. As one of the most mature methods, collaborative filtering was improved by combining it with many methods, such as the BP neural network, the conditional probability, the bipartite graph, the clustering algorithm, the genetic algorithm, etc. in documents [12][13][14][15][16] to reduce the impact of data sparsity on recommendations. Considering the influence of subjective user ratings on recommendation results, document [17] took into account that the Quality of Service (QoS) incorporated the contribution of unreliable users and used a clustering algorithm and the collaborative filtering method integrating the degree of trust to rebuild the trust network of clustered users and make personalized QoS predictions and cloud service recommendations for active users. ...
Considering the low satisfaction rate and low efficiency of product service plans, a personalized product service plan recommendation method adopting the degree of trust and cloud model is proposed. The recommendation algorithm mainly includes calculating the similarity and the prediction results of the scheme. First, by fully considering the user’s subjective characteristics, the user’s trust is used to improve the traditional similarity. Second, considering data sparsity and discreteness, the cloud drop distance similarity calculation method is introduced in the process of calculating the trust similarity, and a new similarity is generated via the weighted synthesis to predict and fill in the gaps in the data. Then, when the new user does not have the cold start problem caused by the historical score record, the neural network method can be used to classify the users based on the user characteristics. The method is proposed and introduced to predict sparse user interest features and obtain similar user sets based on feature classification. The corresponding program offers recommendations. Finally, the effectiveness and rationality of the proposed method are verified by using the recommendations for a machine tool product for a manufacturing enterprise as an example.
... In [2], it has been shown that the protocol is much faster than public-key based protocols using homomorphic encryption. Since then, this protocol has been and is still used in many privacy-preserving solutions [3], [4], [5], [6], [7], [8], [9], [10], [11], [12], [13], [14], [15], [16], [17], [18], [19], [20], including support vector machines [17], facial expression classification [9], medical pre-diagnosis [18], and speaker verification [10], [11]. ...
Privacy-preserving scalar product (PPSP) protocols are an important building block for secure computation tasks in various applications. Lu et al. (TPDS'13) introduced a PPSP protocol that does not rely on cryptographic assumptions and that is used in a wide range of publications to date. In this comment paper, we show that Lu et al.'s protocol is insecure and should not be used. We describe specific attacks against it and, using impossibility results of Impagliazzo and Rudich (STOC'89), show that it is inherently insecure and cannot be fixed without employing public-key cryptography.
... A semantic approach to making a machine-readable large-scale attack graph to improve its readability for a large-scale attack graph is presented by Lee et al. [6]. Kaur et al. [7] proposed a multi-party privacy preserving classification scheme in the cloud for arbitrarily distributed data among multiple parties so that parts of different regions can collaborate effectively. ...
